Robust location privacy

Doktorsavhandling, 2017

The Internet is in many ways both fascinating and yet also scary. For most people, a single commercial entity owns the power to disclose all their personal emails. Most commonly your emails are only disclosed to you and your correspondent, but the power to choose who sees these emails is in fact not yours. The power to control the release of data about ones person is what most people refer to as privacy.
In spite of this, almost nothing that the Internet is used for gives the originator of a message control over it. When you use a social media platform, you are given the intuition that you choose which friends who can see any posts and photos that you publish, and of course the connection is encrypted to thwart eavesdropping. However, the service provider may still share this data to anyone they like. From a technological standpoint, a user almost never has the power of their data; in other words, there’s normally no privacy on the Internet.
This thesis is describes di erent ways of giving end-users more control over some parts of their own personal data using cryptography for the speci c case of location data, enhancing their privacy. The majority of the thesis explores how to make use of location proximity, to check whether to users are close to each other, as a basic primitive while maintaining privacy through additively homomorphic encryption. The thesis further explores the application scenario of ridesharing, or car pooling, using both additively homomorphic encryption and private set intersection. All of the solutions presented sport proven privacy-preserving capabilities, and have been implemented to measure their performance. This thesis shows in what contexts there’s still a ways to go, but also highlights some settings in which it might already be time to move theory into practice.

Room EC, ED&IT building, Rännvägen 6B, Chalmers

Opponent: Prof. Somesh Jha, University of Wisconsin, Madison, WI, United States

Location Based Services (LBS) are becoming increasingly popular. The massive usage of mobile interconnected devices creates tremendous opportunities for services that utilize location information. Logistics companies make extensive usage of tracking the location of cargo throughout land, sea, and air. Enforcement authorities use location tracking technology for devices carried by people and embedded in vehicles. Individual users enjoy a wide range of location-based services from tracking a lost phone to querying for nearby restaurants or nearby tweets. However, many users are concerned about sharing their location. A major challenge is achieving the privacy of LBS without hampering the utility.

It is a constant strain on many companies to maintain sufficient security of their data and services. With current practices, whenever two parties in an information exchange both have sensitive data that they do not wish to disclose, we see a conflict of interests. In these cases the solution is almost exclusively for the user to give up their private data to the service provider. A great challenge remains to maintain privacy of location data in this setting, such that the user does not have to continuously advertise their location to the service provider.

Many techniques that strive to preserve privacy for users of LBS make use of pragmatic techniques without grounded theory that obscure the users data to a large extent. While this may work in some cases, it is however not a promising track as a more general technique, as the full data can still be deduced while the quality of the service is being degraded. Instead, the data can be made computationally unobtainable without degrading the quality of the service using a cryptographic technique called Secure Multiparty Computation (SMC).

The overarching goal of this thesis is to create a robust foundation for privacy in LBS, guaranteeing that the location data is secure through means of SMC without the use of a trusted third party. We aim for a solution where neither authorities, service providers, infrastructure owners, or other agents may intrude on users' privacy. While many solutions aim to decrease the information leakage, we remove them completely using cryptographic means. The theis leans on solid grounds with mathematical proofs of cryptographic constructions, which enables us to give a user a guarantee, instead of them needing to trust other parties. The thesis demonstrate SMC applied to several kinds of LBS and shows concrete and novel techniques that guarantee robust privacy without the need to central trusted parties.

Location Based Services (LBS) are becoming increasingly popular. The massive usage of mobile interconnected devices creates tremendous opportunities for services that utilize location information. Logistics companies make extensive usage of tracking the location of cargo throughout land, sea, and air. Enforcement authorities use location tracking technology for devices carried by people and embedded in vehicles. Individual users enjoy a wide range of location-based services from tracking a lost phone to querying for nearby restaurants or nearby tweets. However, many users are concerned about sharing their location. A major challenge is achieving the privacy of LBS without hampering the utility.

It is a constant strain on many companies to maintain sufficient security of their data and services. With current practices, whenever two parties in an information exchange both have sensitive data that they do not wish to disclose, we see a conflict of interests. In these cases the solution is almost exclusively for the user to give up their private data to the service provider. A great challenge remains to maintain privacy of location data in this setting, such that the user does not have to continuously advertise their location to the service provider.

Many techniques that strive to preserve privacy for users of LBS make use of pragmatic techniques without grounded theory that obscure the users data to a large extent. While this may work in some cases, it is however not a promising track as a more general technique, as the full data can still be deduced while the quality of the service is being degraded. Instead, the data can be made computationally unobtainable without degrading the quality of the service using a cryptographic technique called Secure Multiparty Computation (SMC).

The overarching goal of this thesis is to create a robust foundation for privacy in LBS, guaranteeing that the location data is secure through means of SMC without the use of a trusted third party. We aim for a solution where neither authorities, service providers, infrastructure owners, or other agents may intrude on users' privacy. While many solutions aim to decrease the information leakage, we remove them completely using cryptographic means. The theis leans on solid grounds with mathematical proofs of cryptographic constructions, which enables us to give a user a guarantee, instead of them needing to trust other parties. The thesis demonstrate SMC applied to several kinds of LBS and shows concrete and novel techniques that guarantee robust privacy without the need to central trusted parties.

Styrkeområden

Informations- och kommunikationsteknik

Ämneskategorier

Data- och informationsvetenskap

Kommunikationssystem

Mediateknik

ISBN

978-91-7597-605-1

Doktorsavhandlingar vid Chalmers tekniska högskola. Ny serie: 4286

Utgivare

Chalmers tekniska högskola

Room EC, ED&IT building, Rännvägen 6B, Chalmers

Opponent: Prof. Somesh Jha, University of Wisconsin, Madison, WI, United States